[pypy-dev] Could PyPy be embedded running in sandbox?

Yicong Huang hengha.mao at gmail.com
Sat May 16 07:42:06 CEST 2015


Hi Armin,

Thanks for the answer!
I quite agree with you that cffi is very powerful and should not be included in
the sandbox.
However, could we consider including a small subset of cffi?
Considering the typical user usage, I think the below features are
sufficient to satisfy most cases:
1. Convert common objects from C to Python (function parameters)
2. Expose Python function pointers and allow C to call back
3. Return common objects to C (function return value)
Here common objects means long, double, int, etc.; pointers and struct-like
complex objects are forbidden.
And Python code is not allowed to import external libs or call any external
function in the embedded sandbox.
In this way, do you think the sandbox might still work properly?

And "pypy-sandbox.so" looks very attractive. I haven't figured out the
strong difference of calling "pypy_execute_source()" from running with
"pypy-sandbox".
They both accept a string of Python code. One difference I thought of is
that the string from "pypy_execute_source()" is a C char* string, and needs cffi to
convert it to a Python string.
Are there any other concerns about providing a "pypy_execute_source()" API for
"pypy-sandbox.so"?


On Fri, May 15, 2015 at 10:56 PM, Armin Rigo <arigo at tunes.org> wrote:

> Hi Yicong,
>
> No, PyPy cannot be embedded running sandbox.  The way we present
> embedding is by using the cffi module on the Python code; but this
> module is not available at all in a sandboxed PyPy (as it allows
> random invalid things to occur).
>
> If you really want to use the sandbox, you need to consider a
> completely different approach: run ``pypy-sandbox`` as a subprocess,
> as documented on the sandboxing section on http://pypy.org/ .  But
> note that sandboxing is a prototype that was never really finished
> (even though it should be safe).  What would be missing for you would
> be the whole C code that talks over stdin/stdout to the subprocess.
>
> Alternatively, we could imagine to embed a ``pypy-sandbox.so`` as a
> dynamically linked library.  There is no API for that, though.  It
> would need to be defined and cannot be just an
> ``pypy_execute_source()`` function, because the Python side cannot use
> cffi.
>
>
> A bientôt,
>
> Armin.
>